Trojaner-Board - BKA Trojaner? nur auf einer Internetseite!

sry
hier nochmal die Logs

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014

Ran by OEM (administrator) on OEM-NB on 21-07-2014 17:53:46

Running from E:\

Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(Intel Corporation) C:\Windows\System32\igfxTray.exe

(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe

(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe

(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE

(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe

(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe

(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111024 2014-04-07] (Lenovo (Beijing) Limited)

HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-04-07] (Lenovo(beijing) Limited)

HKLM\...\Run: [DolbyTrayApp] => c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-08-14] (Synaptics Incorporated)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-04-25] (IDT, Inc.)

HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-03-01] (Vimicro)

HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)

HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

Winlogon\Notify\igfxcui: igfxdev.dll [X]

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File

ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File

ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File

ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.g-store.net/suche.php

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com

SearchScopes: HKLM - DefaultScope {7B0B5A53-12A9-4A99-9051-06569347026B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB

SearchScopes: HKLM - {7B0B5A53-12A9-4A99-9051-06569347026B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB

SearchScopes: HKLM-x32 - DefaultScope {7B0B5A53-12A9-4A99-9051-06569347026B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB

SearchScopes: HKLM-x32 - {7B0B5A53-12A9-4A99-9051-06569347026B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 172.21.69.93
 

FireFox:

========

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll No File

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
 

==================== Services (Whitelisted) =================
 

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)

R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [959192 2013-04-02] (Broadcom Corporation.)

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-18] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-18] (Intel Corporation)

R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-25] (IDT, Inc.) [File not signed]

R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-04-07] ()

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-17] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-17] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)

S3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)

R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1045248 2013-03-01] (Vimicro Corporation)

R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-17] (Microsoft Corporation)

S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-07-21 17:53 - 2014-07-21 17:53 - 00000000 ____D () C:\FRST

2014-07-21 16:53 - 2013-08-22 15:25 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140721-165319.backup

2014-07-14 22:47 - 2014-07-21 17:53 - 00001060 _____ () C:\WINDOWS\setupact.log

2014-07-14 22:47 - 2014-07-14 22:47 - 00000178 _____ () C:\WINDOWS\setuperr.log

2014-07-14 12:18 - 2014-07-14 12:18 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

2014-07-14 12:18 - 2014-07-14 12:18 - 00000000 ____D () C:\Users\NewUserSettings

2014-07-14 12:18 - 2014-07-14 12:18 - 00000000 ____D () C:\Users\Default\AppData\Roaming\LibreOffice

2014-07-14 12:18 - 2014-07-14 12:18 - 00000000 ____D () C:\Users\Default\AppData\Roaming\InfraRecorder

2014-07-14 12:18 - 2014-07-14 12:18 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\LibreOffice

2014-07-14 12:18 - 2014-07-14 12:18 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\InfraRecorder

2014-07-14 12:18 - 2014-06-19 18:49 - 00001175 _____ () C:\Users\NewUserSettings\NewUser.cmd

2014-07-14 12:18 - 2014-06-19 18:27 - 00001811 _____ () C:\Users\NewUserSettings\NewUser_Start.cmd

2014-07-14 12:18 - 2014-06-19 10:48 - 00000443 _____ () C:\Users\NewUserSettings\PinToTaskbar.vbs

2014-07-14 12:18 - 2014-03-14 17:18 - 00055504 _____ () C:\Users\NewUserSettings\appsfolder.itemdata-ms

2014-07-14 12:17 - 2014-07-14 12:17 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.2

2014-07-14 12:13 - 2014-07-14 12:13 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

2014-07-14 12:12 - 2014-06-26 22:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-07-14 12:12 - 2014-06-26 22:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-14 12:03 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll

2014-07-14 11:57 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-07-14 11:57 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-07-14 11:57 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-07-14 11:57 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-07-14 11:57 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-07-14 11:57 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-07-14 11:57 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-07-14 11:57 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-07-14 11:57 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-07-14 11:57 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-07-14 11:57 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-07-14 11:57 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-07-14 11:57 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-07-14 11:57 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-07-14 11:57 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-07-14 11:57 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-07-14 11:57 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-07-14 11:57 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-07-14 11:57 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-07-14 11:57 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-07-14 11:57 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-07-14 11:57 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-07-14 11:57 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-07-14 11:57 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-07-14 11:57 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-07-14 11:57 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-07-14 11:57 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-07-14 11:57 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2014-07-14 11:57 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2014-07-14 11:57 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll

2014-07-14 11:57 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2014-07-14 11:57 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll

2014-07-14 11:57 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll

2014-07-14 11:57 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll

2014-07-14 11:57 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll

2014-07-14 11:57 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe

2014-07-14 11:57 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe

2014-07-14 11:57 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll

2014-07-14 11:57 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll

2014-07-14 11:57 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2014-07-14 11:57 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll

2014-07-14 11:57 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe

2014-07-14 11:57 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll

2014-07-14 11:53 - 2014-05-15 00:47 - 04720640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2014-07-14 11:53 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe

2014-07-14 11:53 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2014-07-14 11:53 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll

2014-07-14 11:53 - 2014-05-13 06:27 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll

2014-07-14 11:53 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll

2014-07-14 11:53 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2014-07-14 11:53 - 2014-05-13 05:41 - 01118720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2014-07-14 11:53 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll

2014-07-14 11:53 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2014-07-14 11:53 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2014-07-14 11:53 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2014-07-14 11:53 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll

2014-07-14 11:53 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll

2014-07-14 11:53 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll

2014-07-14 11:53 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll

2014-07-14 11:53 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll

2014-07-14 11:53 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll

2014-07-14 11:53 - 2014-05-03 05:30 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2014-07-14 11:53 - 2014-05-03 05:27 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2014-07-14 11:53 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat

2014-07-14 11:53 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2014-07-14 11:53 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys

2014-07-14 11:53 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2014-07-14 11:53 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys

2014-07-14 11:53 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys

2014-07-14 11:53 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe

2014-07-14 11:53 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe

2014-07-14 11:53 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll

2014-07-14 11:53 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll

2014-07-14 11:53 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll

2014-07-14 11:53 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll

2014-07-14 11:53 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2014-07-14 11:53 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2014-07-14 11:53 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll

2014-07-14 11:53 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll

2014-07-14 11:53 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll

2014-07-14 11:53 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll

2014-07-14 11:53 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll

2014-07-14 11:53 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2014-07-14 11:53 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2014-07-14 11:53 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2014-07-14 11:53 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll

2014-07-14 11:53 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll

2014-07-14 11:53 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll

2014-07-14 11:53 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll

2014-07-14 11:53 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll

2014-07-14 11:53 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll

2014-07-14 11:51 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll

2014-07-14 11:51 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll

2014-07-14 11:51 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2014-07-14 11:51 - 2014-05-31 12:07 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2014-07-14 11:51 - 2014-05-31 12:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys

2014-07-14 11:51 - 2014-05-31 12:07 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys

2014-07-14 11:51 - 2014-05-31 12:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys

2014-07-14 11:51 - 2014-05-31 12:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys

2014-07-14 11:51 - 2014-05-31 08:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys

2014-07-14 11:51 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys

2014-07-14 11:51 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys

2014-07-14 11:51 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe

2014-07-14 11:51 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll

2014-07-14 11:51 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll

2014-07-14 11:51 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2014-07-14 11:51 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll

2014-07-14 11:51 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll

2014-07-14 11:51 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2014-07-14 11:51 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2014-07-14 11:49 - 2014-07-14 11:49 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2014-07-14 11:49 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe

2014-07-14 11:49 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe

2014-07-14 11:49 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-07-14 11:49 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2014-07-14 11:49 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2014-07-14 11:48 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys

2014-07-14 11:48 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys

2014-07-14 11:48 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2014-07-14 11:48 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll

2014-07-14 11:48 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll

2014-07-14 11:48 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2014-07-14 11:48 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2014-07-14 11:48 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2014-07-14 11:48 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe

2014-07-14 11:48 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe

2014-07-14 11:48 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe

2014-07-14 11:48 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys

2014-07-14 11:48 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2014-07-14 11:48 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

2014-07-14 11:48 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2014-07-14 11:47 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll

2014-07-14 11:47 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll

2014-07-14 11:47 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2014-07-14 11:47 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2014-07-14 11:47 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-07-14 11:47 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-07-14 11:47 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-14 11:47 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2014-07-14 11:47 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2014-07-14 11:47 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-14 11:47 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2014-07-14 11:47 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2014-07-14 11:47 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2014-07-14 11:47 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2014-07-14 11:47 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2014-07-14 11:47 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2014-07-14 11:47 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2014-07-14 11:47 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe

2014-07-14 11:47 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys

2014-07-14 11:47 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll

2014-07-14 11:47 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll

2014-07-14 11:47 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll

2014-07-14 11:47 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll

2014-07-14 11:47 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2014-07-14 11:47 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2014-07-14 11:47 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
 

==================== One Month Modified Files and Folders =======
 

2014-07-21 17:53 - 2014-07-21 17:53 - 00000000 ____D () C:\FRST

2014-07-21 17:53 - 2014-07-14 22:47 - 00001060 _____ () C:\WINDOWS\setupact.log

2014-07-21 17:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-07-21 16:48 - 2014-05-17 16:07 - 01250845 _____ () C:\WINDOWS\WindowsUpdate.log

2014-07-21 16:48 - 2014-03-18 12:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-07-21 16:48 - 2014-03-18 11:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat

2014-07-21 16:48 - 2014-03-18 11:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat

2014-07-21 16:37 - 2014-05-16 21:33 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1596549527-1898905715-2209854666-1001

2014-07-21 16:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-07-21 15:51 - 2014-05-17 17:33 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4DB8064A-C59B-4E8D-9A07-7715DD083041}

2014-07-19 03:00 - 2014-05-17 15:58 - 00000000 ____D () C:\Users\OEM

2014-07-19 02:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2014-07-19 02:34 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-07-19 02:33 - 2014-04-07 23:07 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf

2014-07-19 02:33 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2014-07-14 22:47 - 2014-07-14 22:47 - 00000178 _____ () C:\WINDOWS\setuperr.log

2014-07-14 22:46 - 2014-03-18 03:50 - 00001566 _____ () C:\WINDOWS\PFRO.log

2014-07-14 22:46 - 2013-08-22 16:44 - 00387968 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-07-14 13:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-07-14 12:19 - 2014-05-17 17:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Windows Live

2014-07-14 12:18 - 2014-07-14 12:18 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

2014-07-14 12:18 - 2014-07-14 12:18 - 00000000 ____D () C:\Users\NewUserSettings

2014-07-14 12:18 - 2014-07-14 12:18 - 00000000 ____D () C:\Users\Default\AppData\Roaming\LibreOffice

2014-07-14 12:18 - 2014-07-14 12:18 - 00000000 ____D () C:\Users\Default\AppData\Roaming\InfraRecorder

2014-07-14 12:18 - 2014-07-14 12:18 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\LibreOffice

2014-07-14 12:18 - 2014-07-14 12:18 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\InfraRecorder

2014-07-14 12:17 - 2014-07-14 12:17 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.2

2014-07-14 12:17 - 2014-05-17 17:25 - 00001540 _____ () C:\Users\Public\Desktop\LibreOffice Textverarbeitung.lnk

2014-07-14 12:17 - 2014-05-17 17:25 - 00001522 _____ () C:\Users\Public\Desktop\LibreOffice Praesentationen.lnk

2014-07-14 12:17 - 2014-05-17 17:25 - 00001430 _____ () C:\Users\Public\Desktop\LibreOffice Tabellenverarbeitung.lnk

2014-07-14 12:17 - 2014-05-17 17:16 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4

2014-07-14 12:15 - 2014-05-17 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack

2014-07-14 12:15 - 2014-05-17 17:14 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack

2014-07-14 12:13 - 2014-07-14 12:13 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

2014-07-14 12:09 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-07-14 12:09 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-14 12:09 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-14 12:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore

2014-07-14 12:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer

2014-07-14 12:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager

2014-07-14 12:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera

2014-07-14 12:06 - 2014-05-16 22:28 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-07-14 12:06 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2014-07-14 12:02 - 2014-03-18 11:40 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-14 11:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-07-14 11:49 - 2014-07-14 11:49 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2014-06-26 22:55 - 2014-07-14 12:12 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-06-26 22:55 - 2014-07-14 12:12 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-06-26 17:40 - 2014-05-16 22:28 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 

Files to move or delete:

====================

C:\Users\NewUserSettings\PinToTaskbar.vbs
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-07-14 17:40
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Addition.txt

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-07-2014

Ran by OEM at 2014-07-21 17:54:46

Running from E:\

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden

Adobe Reader XI (11.0.07)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.1.1245.72250 - Alcor Micro Corp.)

Alcor Micro USB Card Reader (x32 Version: 3.1.1245.72250 - Alcor Micro Corp.) Hidden

Benutzerhandbuch (x32 Version: 1.0.0.17 - Lenovo) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)

Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)

Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.13 - Lenovo)

Energy Management (x32 Version: 8.0.2.13 - Lenovo) Hidden

Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6431.0 - IDT)

InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)

Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden

Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

K-Lite Mega Codec Pack 10.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.5 - )

Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.6400 - Broadcom Corporation)

Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.13.301.1 - Vimicro)

Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)

Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)

Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden

Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)

Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden

Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)

Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)

Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden

Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.5987 - Lenovo)

LibreOffice 4.2 Help Pack (German) (HKLM-x32\...\{DA6AF414-24FA-4815-A4FB-5EFD6173E6F5}) (Version: 4.2.4.2 - The Document Foundation)

LibreOffice 4.2.4.2 (HKLM-x32\...\{6B4977CB-5B9F-4B24-8310-3BA527A8AF22}) (Version: 4.2.4.2 - The Document Foundation)

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)

Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.)

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.9.1 - Synaptics Incorporated)

UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo)

Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)

Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
 

==================== Restore Points  =========================
 

14-07-2014 20:51:51 G-Store.net
 

==================== Hosts content: ==========================
 

2013-08-22 15:25 - 2014-07-21 16:53 - 00450709 ____R C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1        www.007guard.com

127.0.0.1        007guard.com

127.0.0.1        008i.com

127.0.0.1        www.008k.com

127.0.0.1        008k.com

127.0.0.1        www.00hq.com

127.0.0.1        00hq.com

127.0.0.1        010402.com

127.0.0.1        www.032439.com

127.0.0.1        032439.com

127.0.0.1        www.0scan.com

127.0.0.1        0scan.com

127.0.0.1        1000gratisproben.com

127.0.0.1        www.1000gratisproben.com

127.0.0.1        1001namen.com

127.0.0.1        www.1001namen.com

127.0.0.1        100888290cs.com

127.0.0.1        www.100888290cs.com

127.0.0.1        www.100sexlinks.com

127.0.0.1        100sexlinks.com

127.0.0.1        10sek.com

127.0.0.1        www.10sek.com

127.0.0.1        www.1-2005-search.com

127.0.0.1        1-2005-search.com

127.0.0.1        123fporn.info

127.0.0.1        www.123fporn.info

127.0.0.1        123haustiereundmehr.com

127.0.0.1        www.123haustiereundmehr.com

127.0.0.1        123moviedownload.com
 

There are 1000 more lines.
 
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {18ADF591-3719-48E2-92E3-BF3F06EAA706} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-26] (Microsoft Corporation)

Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics

Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)

Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)

Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)

Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance

Task: {5A926077-A64F-4417-989F-80D9BF4E01A5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv

Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task

Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task

Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask

Task: {94E4FCFC-1173-4272-93B5-6795AE3BF772} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)

Task: {9E4AD713-5884-477F-BEEF-38484A1FF9ED} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)

Task: {9F0FC1C0-37D4-4BD6-B05A-0BD14EB28048} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload

Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask

Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation

Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization

Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE

Task: {F5F309DD-E5D7-475A-B577-9ED6EC3EA45A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 

==================== Loaded Modules (whitelisted) =============
 

2013-04-02 16:03 - 2013-04-02 16:03 - 00049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll

2014-04-07 23:07 - 2014-04-07 23:07 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe

2014-04-07 23:07 - 2014-04-07 23:07 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll

2014-04-07 22:43 - 2012-07-18 20:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== EXE Association (whitelisted) =============
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (07/14/2014 00:19:18 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)

Description: There was an error with the Windows Location Provider database
 

Error: (07/14/2014 05:39:55 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).
 

Error: (07/14/2014 05:35:51 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:

hr=0xC004E028

Befehlszeilenargumente:

RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=9e4b231b-3e45-41f4-967f-c914f178b6ac;NotificationInterval=1440;Trigger=NetworkAvailable
 

Error: (07/14/2014 05:34:50 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\msiexec.exe /V; Beschreibung = Removed LibreOffice 4.2 Help Pack (German); Fehler = 0x80070422).
 

Error: (07/14/2014 05:34:49 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\msiexec.exe /V; Beschreibung = Removed LibreOffice 4.2 Help Pack (German); Fehler = 0x80070422).
 

Error: (07/14/2014 05:33:03 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\msiexec.exe /V; Beschreibung = Removed LibreOffice 4.2.0.4; Fehler = 0x80070422).
 

Error: (07/14/2014 05:32:37 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\msiexec.exe /V; Beschreibung = Removed LibreOffice 4.2.0.4; Fehler = 0x80070422).
 

Error: (07/14/2014 05:30:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:

hr=0x80072EE7

Befehlszeilenargumente:

RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=9e4b231b-3e45-41f4-967f-c914f178b6ac;NotificationInterval=1440;Trigger=TimerEvent
 

Error: (07/14/2014 05:30:20 PM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )

Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0x80072EE7

SKU-ID=9e4b231b-3e45-41f4-967f-c914f178b6ac
 

Error: (07/14/2014 05:30:20 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )

Description: Lizenzerwerb-Fehlerdetails. 

hr=0x80072EE7
 
 

System errors:

=============

Error: (07/21/2014 04:38:59 PM) (Source: DCOM) (EventID: 10010) (User: OEM-NB)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 

Error: (07/21/2014 04:38:29 PM) (Source: DCOM) (EventID: 10010) (User: OEM-NB)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 

Error: (07/21/2014 03:13:55 PM) (Source: DCOM) (EventID: 10016) (User: OEM-NB)

Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}OEM-NBOEMS-1-5-21-1596549527-1898905715-2209854666-1001LocalHost (unter Verwendung von LRPC)Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5cS-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734
 

Error: (07/19/2014 02:45:16 AM) (Source: DCOM) (EventID: 10016) (User: OEM-NB)

Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}OEM-NBOEMS-1-5-21-1596549527-1898905715-2209854666-1001LocalHost (unter Verwendung von LRPC)Microsoft.BingWeather_3.0.2.258_x64__8wekyb3d8bbweS-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330
 

Error: (07/19/2014 02:15:20 AM) (Source: EventLog) (EventID: 6008) (User: )

Description: Das System wurde zuvor am ‎19.‎07.‎2014 um 01:57:37 unerwartet heruntergefahren.
 

Error: (07/14/2014 11:44:31 AM) (Source: DCOM) (EventID: 10010) (User: OEM-NB)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 

Error: (07/14/2014 11:44:01 AM) (Source: DCOM) (EventID: 10010) (User: OEM-NB)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 

Error: (07/14/2014 05:29:17 PM) (Source: BTHUSB) (EventID: 17) (User: )

Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
 

Error: (07/14/2014 05:28:26 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: Das System wurde zuvor am ‎27.‎05.‎2014 um 21:57:19 unerwartet heruntergefahren.
 

Error: (05/27/2014 10:09:47 PM) (Source: DCOM) (EventID: 10010) (User: OEM-NB)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
 

Microsoft Office Sessions:

=========================

Error: (07/14/2014 00:19:18 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)

Description: -2147024883
 

Error: (07/14/2014 05:39:55 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: C:\WINDOWS\system32\srtasks.exe ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x80070422
 

Error: (07/14/2014 05:35:51 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: hr=0xC004E028RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=9e4b231b-3e45-41f4-967f-c914f178b6ac;NotificationInterval=1440;Trigger=NetworkAvailable
 

Error: (07/14/2014 05:34:50 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: C:\WINDOWS\system32\msiexec.exe /VRemoved LibreOffice 4.2 Help Pack (German)0x80070422
 

Error: (07/14/2014 05:34:49 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: C:\WINDOWS\system32\msiexec.exe /VRemoved LibreOffice 4.2 Help Pack (German)0x80070422
 

Error: (07/14/2014 05:33:03 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: C:\WINDOWS\system32\msiexec.exe /VRemoved LibreOffice 4.2.0.40x80070422
 

Error: (07/14/2014 05:32:37 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: C:\WINDOWS\system32\msiexec.exe /VRemoved LibreOffice 4.2.0.40x80070422
 

Error: (07/14/2014 05:30:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: hr=0x80072EE7RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=9e4b231b-3e45-41f4-967f-c914f178b6ac;NotificationInterval=1440;Trigger=TimerEvent
 

Error: (07/14/2014 05:30:20 PM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )

Description: hr=0x80072EE79e4b231b-3e45-41f4-967f-c914f178b6ac
 

Error: (07/14/2014 05:30:20 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )

Description: hr=0x80072EE700010001(0x00000000, 17:30:20:487 - https://activation-v2.sls.microsoft.com/SLActivateProduct/SLActivateProduct.asmx?configextension=DM)

00020001(0x00000000, 17:30:20:503)

00030001(0x00000000, 17:30:20:503 - https://activation-v2.sls.microsoft.com)

00030002(0x00000000, 17:30:20:503 - 0)

00040001(0x00000000, 17:30:20:503 - https://activation-v2.sls.microsoft.com)

00040002(0x00000000, 17:30:20:503 - 1, <NULL>, <NULL>, <NULL>)

00050002(0x80072F94, 17:30:20:503 - 0, 1)

00040006(0x00000001, 17:30:20:503 - 0, https://activation-v2.sls.microsoft.com, <N/A>, <N/A>)

00020005(0x00000000, 17:30:20:503 - 0)

00020008(0x80072EE7, 17:30:20:503 - SOAPAction: "hxxp://microsoft.com/SL/ProductActivationService/IssueToken"

Content-Type: text/xml; charset=utf-8

, <soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" xmlns:soapenc="hxxp://schemas.xmlsoap.org/soap/encoding/"><soap:Body><RequestSecurityToken xmlns="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust"><TokenType>ProductActivation</TokenType><RequestType>hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</RequestType><UseKey><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[1]"><TokenEntry><Name>PublishLicense</Name><Value>7bipq8l9D0q9+mdvySQTgP+Pkd85moGHtwo7rOWUMQCC/bYAh/Asdd/IZo8eY1bJhOHDI/3F1XKVKLWB9r7qmhXcQNeGYb9VMZNT3WXnBCerMtvQOJJ7mx8uUrG2MRrZESMi/oLnMbHVgRxRG+H0xPSxgxnfRYIn5Yh2X+PwTzF8bgI8YoJ4gas1Er1OB2M8T2srWbhO6Lc+iCga8uotXNPRmU4cEzUBzSMzoFOKMsDh+DaLuVRKJIVDM+L6y5RHLUiNZkHTU6s6LN48D73E64td33Lt64UIPV4vJby9hMFFXex/qp+fEd3xj/hnsg2x+0/I2LjQl48V4dre3lga7LbDm8N0jEw3TO1n4qRJ1ujMo/cxv8YUUplfufjxiM4yTY8i+kRprnsWVEOIGit3QIIgciFk33Uz6P61RhTn2yFgi4H616kvG01mOT8Z6Y+QlfT03er2TU7PCvd/L3RwYpaDGReODMSoK+YF7Jpj/cETdKONyDxS9lEL4hkSn4pRSdKEuKOM7nfQi+oopxr8epIaMoniSluxUM+uOdoWo+paeYqcpfs/e5BW1gAY7cPN62l+QXKdri/MSOf8/DlRUYuNfm9rM6WMhI16HvTistBOFE5NcC6Zl3gauCV+WRm74lWcN/5WfKkgUT65TGKMTh83TM1KUY3m3HuxKM9jLrDRbsQRwcNItKdu03zn7/ih0botbhKsZhsY5/aGg/6+rMrhB7mTBz1pWTEGAS1ucAHMGTdwYjp9KHjS2GCc0GUIUKsDocXRg1R/sXw0A30uz/+evKSnLur96AV3mjkmW3ojRQlnnWesxn4ZnYvowhKo8WKBwRbItDnbI2Kxl1rtvIK96z41U6LN14AVxi3zMMe81lt82t1opnl0ucQzx0j5RJtIZBTvSSvHoyatSB5k5sv6LtixsqiHAuh/GCQos6LbwdR9v/XXLmJUx8uvlAduEt6GTzv7A6e20xyVRyL8W7pRiGuCzrj6deveKmronEunLeQ5OrSyQ2tQ5GXQcJvVmLdR4DRa+e7O6nUQCthCctlZVA7e+GHgfUqGuk3Mh9DCKKUEdReabASKmVzi8hphuXSNshV47TwJHlI/el2pMx0z+GZqLzXhfaAM2QDWxgReCzedGfGrt/H4RqIJxr37g+CY1f/MTGFdRICWHR68K1DpXm7Uhn2YaFIxiAYV5VCI7lc2B2VHZcFdTaLKSWluQDHJxooJiFpxnEHaNBPxJwwv17srP5CbdecGACrsbgD6EMQc4K/1+CbY8MT5IUV7gjKSppZgLqRydr8Lg7fsI5Jfpgmhb/LITrItRWTlFyxp+iMFYzSdoiV/Gqy65Ozofi5CNMCTLfHTLSAVUeJJk6GezD4DEIyEuUK40qn1LV4wqxFH1qR4LKfHsixMIKBA0F4WN5MtBTAn7OMQx61K97iaZ/tOhK7KMdguECTEoawDBfS83b4YYvBbB3gz1SHkfs9RGlFj5vrB6odtT+53JxgGXlXPvvjn4x5hpx/igK1sKrw3jRIxeJkjNh/N2hdOMzAcnPQcGtTyDBuFWY33beQBboaU0h3Puhvwp7eUSmTvnTDMQUxAmS0K+N7tqRgaOSrivIQ1DvkqtWfgyLSEW8ypb5rLxokhvzM5//wxgv61MG3h+X2KroWFaPBfwl/FpXjP22sUAzWFzbxakHkWpPzvyRQdhQZotRuqESo1I9zJQiS1mg22ipOfKBAa9MmDp96s7Hmgry62Q1ew8rNI2NPF2wlWHesJpUwvh3a9Xy3ndagFuZJzFVU5cowXMZ7zHdP2+4kNhuozQ01MhLX3QohRy+1Lzg3Xn6cVAtXCYrrdvLObgEi8JlpvoXkWVId8zC3p1zTbn51LIQy0usqs4xE37Nc/iX2TNYZTv+ApkhTDN/e9I3Ea7YHPeXF/lvfMH8/I+wvg1RnRIRrn/agdi47ZIckPzdmYGMoJmAEPgv9xgMkGm7SYCaT8gghRT3cBWSukr1rLPTo/C+SMXPQgq12RFQ76SJCJGhSOl8Qa/Q/W5sn1hgEbvTZ25CHotb1pP6JEokk95XxRBwP17RltXnCSc59H3qJ7T6LkDyr9Wwi+L3yQCKqhFCwk8wK0zH7yFs/okNtIEJePabl4YoPZmiQcuZFGen33tangW6Qiehbj+ABmp4RfuZaMJpRFdQ+3JZqRYEO//EoTMFPF+Y7k6aWw/91lELnJjnrfaTL1kmvO3ehq6jXPoiN6xFX5zdnW/ofxj+MZZoGgnqGF5TBqmoYSaTwaq7SWOL3ySzwDLNOkUMKJvBf04S/O1BK0Ms6zp2A68qxvK/O0PpDkhYrH4Tbh2ahzxai+U4oIJ6O71926WMB7Ap+KVNtUZ+r1AS2LBwfNYOx0TBE6IZTT41i53aCj/4MgZA6j7qIrIbP5aY1wIgSu8og6VmHRoNgD0aex9usLMryCtqHiCJbBxrBncwys80DVrNFjrmI7Yr4Ct/DAhIxL/XA6rmhfyTuREQ8Kdx1aJ37vC0EEaprs1obx1VnUSOo06Hwkf0NUjiWQTBbuuch6F9eLlves1jUihRwYYrvSSziK4FocZxQkclnDxcavtTs9d61Yz+HUZ4uZ59tEMnrt5N67+GzUK14/n67bWtHAWGRJr9nmBZUbxCVhiKUU0yec73nCejc4bEXcra2yHXr/JC+5BoBhM8v5PDlpbd+UlUm5X8MWXkgpct4zUuziXBFBJ0Xr8YmN0pw5RXuLMMx2/nwsj8V05XKP4AcPkUMe7VMjL6udEVc5xpftTpc2SvFG2XaElj/gCklt39DM8CUCiJ8tmrSveeATX4UAyPgOgysiLllxjKRoqwk1jjSt2v0UUNAiSNkqlCg6+DNnf3E7SDYK7u+ir6L5IovHOhO5q2I1ZDRTjzQ1tK4osn0v5NT15XoLHR+MnxCrXSoVkXCCs8oo7OwdR2PQeLnWxTrFT6yQ+IvREowZZnSp2sFi6B6/hyARjVM5WaJYgW4Qc47RRBkaSM0/ImDs8SxQSUcH1v1jbEO8nc33gHSC+eQOsD5wtYS9OQz5zXopoPKvJyWJ02Vny7OGhVdgxl59XzGgX69/Nme9aRyPqWDq2KV4uAaLEkx0wGIWOhywfKDAJW4P9AArni3DrsRJ/VvvMAV97g3iS2AGXiTONnHyYhqe5NXt0ZGqNkXhmaQyHipAus0BhS7KmMINEtanRJDpkND7HfYZgOTZNmjGs1sqCsM1Ibbz+Tt5it3NfKarLEUBHiSo7xKUQFrqSt91clRfSpVc2fNn37x+ie976Ln1MEdl1syVDLm4gkGxOaYWL5ddDjt1Dg6w2fz8KTzJoI4HkFwzqkW/XHJ5MWI7V/MW1LNZCP9HfgFjyB9zyh1wIHSupYrTpRkBDyFHmqNRx3c1c6cRJslXNpzqve66YEAKtGFbZxLm5bSzVibuJ+4fT3IiMPvbpBhQ5s1BrtUJBL3US0aYPnpSIozOJCkZLXUn24TtwILQmNNkE9aqD7BbmmC0HZ4pb9fa5so+CGCBrz4uUDwF1InLwNxDr4KQe/eDblCo3pQVnkzRbfMWVwguh32gG2yLvRjYd22HZD5r5zIfNUsck/LDfIaez6EMnxyW8o1DKP1mikX1ZlYMZqL3hN/uj6ZYBNWLbnP8ipR5nJdLWW8LdxG/6wlLpha8K5fBKvkR06NvEIxjbzjEHBKBWUyVB/3qC97qNFCfwIqmH+Kd6r4l7YQ+ZDd+XPIlrWgQPOb5TWMnz5A3th1SMlFbPjenqRn1aUQlFRtEzd38RribG8SyGreJTttTZmEh9ScXRKty0Iu98elP/5QXx9+ooiCaUK1iXSdbYlaHunsm5dxBXU37kvXsHOpHIMdhiYLVWSRrAA9TKVO0br+vjPocT8hw29wg5zTNAc3lANhVv8RjfqumZcYkyrUabE6xU97KoD1vQNYGOqZA24xq30qKtMP4LGqCmqgfciLgmQtXbRmsc6k8eJFUN+q4uOp0CgBc0HFfc6+tKrLda/ETWFfRqoa4xQT1GVc4MI5lfotzDrGMx34dq3SD+Lt00NfuqA/TNtv9Tm/q0pCbJZ1VUSJnlXkfIz1DEbNE8TMoPaxj7IRIGRCt0HUUwOrHDRNhMoPPrZAOKYeIulqacR2du5lLqPM9/CNeuW41pJCvIIHirAIgoerGAw8BrgJRkc/1W7MTWsCNDxUoJ8xHGMJVBrddBWNpBGDXG28evHoiJMkus0rfNz4NbE8P7qyqgq4pPKgRsYb9lTUaqd2VdgWI02YwteEQQeCNZJlfh769hYtM/t+VjXUhO9k40cfMOXVqo0oANNnrv006QCsszYRCiIsAlFNAop1jxfxR5sESfQ22bvavMZiA0ZguLi87hV5zBYzbo1RrmByGcw4aM0zNBhQwq2qZay32Gun1JK/os/Yj0lvU2ES5Fczj+lXEOEZhKVNbP8gq0gxUMc8YCO28j4tu89iiVnX2HOoYNawL5dzr7ZXpmhdL0nODIvUQgcTaQCFImMynWPceYuPXMxfGO+teYwOK/vQfbxnrhn6rQKslSSe/HZppqUDpXLXQO9N7tJQVnXGCzksT9DdoSr8/+X8FWu44RWbHb5fxEo85ZWHB/LBe9q3bsOOUyHmd+hOnKM0vD8YG7o5lrBEr2kwy3K4oJwL+QDAnTO8jVKzN/kYwgmsAc6lu+2i89/LEC4maWl5f+02aIX+cWewEtCzxA/kHYCB+XSJ+Yo2DbbcEjii3AOF+M/qJe90pFXY1AtjStdTQE89ZBJoJub6WUMLA2kXSOlOM+vx+VmXjLbY1VX3AumXKutlLaHfou/vvMu3mp5xQE7VI2p+1c0HwZqCzPH8AKH18VJu3XP1IDWdfj6QiPP9wtM7Ws0VCOEbeF4TEotqSDD8VrHspaEV6XMYfI00j4LVQhd+xKtGMs6Nio9V2GZSWrQ6w3IIR3JG3G3l21LW2KoafB8PU5yg2YkZ9NHWzepBSdKQi9Xukhksyp4NVkp7Rpjhxe1Sfb9HnYwfYHuexKcpO9ZKsJdqCGpkKss0BJBtIDwwvnW6y5wRn8gZ/QujNnEWqgrGZRTjIqQsOBgJ4IK9J9ZJ+49f+3u8N6EGb0XrgroEjI76sqC8j3GGh3nv4OkfbcILmBxt2xBOzjxxkdvd+4P4H1DbbokPtlXBOEBn1mn+1HznlxOUr/+CK1TmfiYR+/zIStcmm8DKV+YDmQbVN3UrxsyF7UE8FI9b7S3yWbsagiPab/kw4wMamtKlYfW3onqJ88rnoFbPNiFqdDhScAGew7htxdF4nOdjDz6d1vkP/2+gQq2nAxHiC+Nzk+OOQBnjAwSNY8lhdlvO7y4ERyX7L2NmZqMLg23T/oGShmK0iQSqQDhQgwpSu8ITJ9iFvkGKmAOqrZDByBRwHWvn7BJw5HUGylrSnlmD30l2N+qiYJ/vnZBOU3nkBLHPGJD4nx0ZyG8yb5ocqZT4pI7ZvZ8ynX64BIK7U9s8dg2ttkptrDgQaF7lceFEGP669IJ2HxR7y9vdTMJLzKCgNtxC4luDR4nCDHU86PU5td88Z6t10Df1t08eg5bvDFc+rj1PlzBlc3y7uNSL2/O2GjvVTq7gkCt8k7TfjIBu9X2an807jgWc0livDmCK9F0rZUF9DwMIEmfUADBqJvT5IogYLW+j45WzoXD+AizGVjAIXKtm6lde0TjbgepYe++iJ8FKjFYlZhHYQrwsyvAxHGlIOs4+JIJriASPKw920kgyVsdseS3jGmQCtW81CFSKwpI1DDg5Qg67Bi5jWNBnYnbXekI3ZHi8CUoqvoNcRI5G24g52QRel/NjmzzmLMzEa52zJekp8ybv4lO5d8OkSz/MXhvax51hqY0XOWqD+22t9XeWe1J7DfhhiO2+umCamwBu7eHGsZ0jEvOXBzmzsgAru6KKxpGCjCBNmn+4YZOk5hHx7LPVesYYPEAoE0rT4oGqNRy+G83xHHHe0LFYBMi5sjn+BxIS5pOIKb1jXBYznE2kODrkrEXeg3Cz1lMmt4G8/RvmdK5Di0kMi2qahijyFMFJIjEnuFA/I2sPe27R6+pATmZ41NUR+R8JByONtwlY8HzX1f65DUcvLsjZ/lJc16DeEjbuLnQPBakzL+qBKEoQY9/Nc2UXhoU1YYOLABSSklfLZ1V2wdjJtMALgbJGOE25AqfgakcCY71Roc9QFBPeAaPtiD5BJd5Hla03GpSvVi67OCv3atgHrap1p/4Y2fyoNyku3Jy/tk/JV+egdj/lm5fpF0G4gakCxr+iiJ8c4WRwEE3aHWB6BAYkmznuBS/D86zdeq7XL2a6hgeZHviEeYmyK+PP2pApSCnuW3MMX3jsveMuY0+6o11SwR0cDZDLtESSpQUYlU3zlAT1ROp1vaskmuaIfCxPONDkCtSvr4eJ37KqWPW+TxrO+tU8pZr+ZXxDaT5NmWhzHV5Af0+6apcNVYiPwlqD9dImqxnwMiZrmpVAJbuSfDP20y8h1SuMYBUynCjG/bAnORWQ/epQCnOm8xqa1oe1gr8E3JPEwRpYuPhnd7wq0X1J36LWaFQWoPaSWYFm5CCf0nQY2CAWDxau62ZrsEBOp8ksUNrJMDiXpzD8HDSyjFJYQAng6gQWVgBy/oeliZ69+TdTrJg2XJziDB0jkmmnX0xTwDnsmJQtvXC3ZJrkFrTUjKZBwg1UIrcbWoDWFGWRe96LLq/dI0pMEXHvSTTG1Eg4Ai4hKoDa1meYgf437NXuKLSQC5GqE616KVX+XqmwIP9V8tdb3KRW2+EHpXY+m9hgVOhyAT5SAbCqnLVJGgOH5Nj1lpGzZePxop9SkXB245O1Da1BIwtVZnqOZrCW0nwRnGxZ4hbfmyHar5KNIQtuk2dAZnPz2rqfA0eMJ3IeQqmhzWeygW94ZweL+sCrJUa0Fs59DF497jmvU/co/DRe5cv8hlZFI8ZFuCYgFnOnfMMhzQnIJ8Exp1INwsI9O750qdnR+fbTwNWJr3VMv83Ns44cARiYyP9UJufwkgMTVMKkFAQ3LdMZaRXKHTEFxKaOLhH/I9voxMno40hm6Cxskwon1NeouHrtmaqGEHPBu95/w7WhwDXpf7BXe7kRY8RJ9AdIupcyPcrBfB0lyVg8O6p9Jiz7am1UgvR364vPmfX4oR79jHaa4VAqoPp4PvnlskWjsbdOx7FkNz6oQRNQuy5enD/P14aPhRQDNzDlyuf1QDInqUoC1kVyBqmyK7kUISA8Q7OYUdXHZ1VYaUwWPlDkX8hy7kZ6uC/rpEDkpffeNqG3P1ZyLLqbZnqSdMR385oD0AMm42sATyz6Z0+tdmLMMyEiV7W9qqnEcg6142dQtdjLFn89DiVI/wpHN5I4FEKWlDXDrDCqJVxLvrxQCK1QRg+j2ZBtGxLF7YUp862GvlYmfa+J943VddHckM84uoPYuaxuqwnQMv+MWduh067RWhaNPwddh1+6K6wil1KYXD950ieGzLwvhtRx9UfLAPhogYioxwmKIjZGm4HJCorRpniPWiz/S3W9FIfdiHRYL8YAzH2y+ni+NLoHbdOzu5Ng1h6B15MW+GPMupsVcMP4gYUg3BFNklA6NtGygnBL8zeN+vs+GvQEiSEekHNXBkHY62aeAN/M5rrCUfwCukrSoYzbnqnfalB7GwQ+yrGi/T6UtdzUcSIwyo55UHUdsv0cfdBTrkNDId+X8sQYUqFVbSdci9FtJwDf3HpwkuTWlCvL3l5XBiUpumvv305R+kEd9ucFJvtI20wj2VNQUhDuAtIDM4/7Rfg5z/TOgakELRaG+rK1YkidCUdWIDS5lHKjZdBC1q4imVPfOohPHmF/SRu80k6v+Z+svRrL7ewgc0rNNDGwEvdk0tliRn8hUcSqNcnwNybovNU6fMhNhGyd//UpFlx/LRZJROKDg7Harbo+eTUF88L2rkY4nHP5EBmUUC2yJCyXJPK6TGCQOCjsua8stLei1QePm8zM1VscOXFHq+U685lvxEv4Vr4e/K9Mf2JVXpoFknqBxYmwawWaUXzSYgG+KFLXtx9k56ce9GjaPV3jjBRPc0Zq6hW689Z6F2etT7kfnsyaEZN+madGgnLIqRbw+nQaK+aCpa/BnoHOKOaPOnY5DNUO9oOxZWRNCplX/VUVZ0ayOxUV8/0eNLs5aDy5CbDIj42rAYnIFUQG0ZYbVZxBzjQZLjzP5j+RGBQx5F95I7MQm3j3LQ/2PqS4PE6twYnUhd2dJxIfQanNCIUi0/Dxk6G9eSNUybiL3CrJGIaMdVEyujfWz3fFJuRirhJYromiJTyBIrv56aupKHJdrxyJNlRyVZMpY1mk6ajIz8rlPv51s5Dsuti5TmFnC1EI8XTlIPKPZ+VGnZF29jcRCeH8Y3g/wuQjq0+ff6Lwp4Bmcm1X/827spfUPTKmbwtMLyfKyskAXHve873/el7x5nX73j3apOIlhSU+Ruf7TBwubbNuMXCxV/c6x34ModxqzC42FwWmtmuXJUv4rQ+tlfZEmU9Wd+Vt6JYkihzXqhjnbo+efT9hh6gT8EPiE181Cw7aCOGSGoe4IIfJK5iFyLwLxjv/TrB5UyFgbxL/3dwlsuO+bsg3vUiWzYEztoMkIDMG79p4ty9v/eub+SoiHkwW08yvuDPLGPWKiEkVB0omFw2jaqc0o1L+fTbGHcXdCCTgViohRnwJ+HbcjQHLaEBSNs2nWkjdTqSN10IfqX57WTalBe+tEa8dGDw/iMrM0X5HmSsL1481DybzdPE8iXMlAye+w+McnvwFRAPllDL9KIP8e9pXBX5eHxAr2JLfhv420/BpEt1EOFkfqDzaI1aiLljm71rmC2AOYebgPsatcfWXpp85WC/EJ+GEf5Yc9MjedAsoXghVVxjjzQyCrG4VCo5N8mKDFuG5v1A/R3BDIgN5gHPcLt/ckMGgpjNt3vtHSUL6x1qH4SlxpMOvL5xHDr3yls2OkEl0+rbtM9icxoSV/Bsz5QJ/CigQE6NhuXtX3CtV3mhT0aiazWKlxiDIPfbrKFCggkNspjRbq8hAUGBsUjM+E9afOZMfn6TmjHZj2TNV9g/4HuRhVqh83QOGatpxqp4cgddYt99A/wrEronOqu51wYsUWVKiygIEq4efyhGT2ffa64rrcgcXqSWn/4uMwwbWIwAVoPFjf+aIZE0Xq/g2URRvCkkrjOVXm1SHIo3t25Smru3cd+jlYe2K+9s3x5dtig1MjKBG+w74RdNIyTq0ybjDiCwNQiLh1wGpgiDqjp4rZ1r/sUpWs2I0JPTIfFQ7qBZhnUeS8wJgAmqGTec4ThTTInoBwa1ydKKaKlCREOwLydPcv4oPg0jIF6jHO/dw3zM97wNgmudksLRpRxR5Akf8BK6paShu5Ds1caZ63124Uk3YGI8W1plbHNeDgz+5gkWLiG2hVTiSrhYDHYXYsqmtth7cSuGDtt1WJHgkp3q+Khjq/udCEZMt0ox2ccNjNjs0ywt3K0S193HmVUPuPpnvGCCUDYN5BPz3d0OJNkHuyvPvu1nIlWGCScwSH/HJFUUWI8A272CNpULY1PISFM2Hn8PFqkwGdnVsmqDAfumy5iBwz6bgynQCRJGY8/RGW8IjgYVRKIghv+gkt3JsSybO1ivDqVudo1TsMv/Nu3homES352SUSwZbrVXKnDyaNHCh+77I2QdqXwOPLjtvMpwp61zuywPueiWBT34hE4Tz2VTe32rgjKcdhp+5jGXzCIPg/gm9vCABOCnjyd9CxhyjBoL7KJa1Rvszuq4NGizKKiGAs6JM2lnDaF+Pk/oQL1xTn1BJkyp+DGbHZxO9lIDm8GjICEhltX8tYsm5R6b3v96/a8h+fBBOmy1sqiuxPmptGcdmku+dVdIHLjDXx+aH492sqmQG87MwSzV1cjdTKO3Xhfq3HhpbYjSP22vymh9h1T9AGieLpdW+hWCQvRBZmGD0VG8Qb7Ty0eBoMSmu4y7pJ8EoHUAsR40Ytvr/QLSyL+5f2ZTgfm7m9BE4NMGXeswaYDgotRmKmWnpTTUjlT+bTf8f9X68Ma9735NPjZuz0QiURBnOhZrrQcBVoIPAq6xK/wEkHu+D5RL4FuYqs50gQX+Zi0dL00zBfBYbgS+ueDyK1U3Ej3304N1z2Vh1BNYuT/1q5wDTdnVUZ05yVKR08iDd4FnntNFjjokSm56XpvoRynYx6ehkjiOksRifllLQmjEgFHlhrPKSaSQnlSwYFBpsHvmjkWryNLC4kMofsIh+3jNH0Qgcqsg0h8uina2l6BHl/j0ocuc5qH8i05+zvmRK8kvYjwGdMos0bVI8MdPQP4NcgNA3eOFNM7ZeL5CGlGWnvCNTVsoK827IOtpvMIlmCq5sMfMaXKbQJgrjO8lnWAhPoDsnTEZzYIZPEH5CpcsUyY68wXXD6A/HFIsp43o+WH/KqRGKiOWhiEztUlQoJjQUOGHLhE9gbnoBjDXiDiYriaIEiHTvH3Xn3vQ61Pj1uvHDGj2evSEvE0GsqjKVQ66wIQjhUHhRxiDPnO0xN7ASupbwFPtkP5XLMfHfFLiB08GHoOYZYizf9StfvXQiGdiU2Z4NyWQ/8l/sJw+AdoulzAOrpQceyt1/Cey6o5d+SfL5sDkATFcfX4cXuh3lvP6iy7L4mtFpSMN4Uyh69YFpkR+aMJR23OLDZonwgrKno0hs7bJeYLibWvg6gAuLQX2MDI/L52U1FVxwRcUXxWUFjQDblSyFa4Vf0qQS9gsNrWc4ZQLp2NlKdJrD3yIndm82H7NAcp3ciTimRRCR6SmV/ypVg96xd416RKkdFBkAIkC0qUT9Iu0aYZt+bD2LGtVyZwpYYQPFyjsFv3mDf5zSKUTwVp4aiWzGYndVXFA5OeGKBRleQuKdR2ZtskB4EQcoxLQYuPFlEJ8mRib44VbFFvcJ/uxvmq7kRPrqF3AAnebLGLRrTCRl4TKXrBdfxjyjkLtPSWo+aHzCPX1eXdK6rc37JKzmgCpiaFrpv2RC6dL46zZ0rEyeJmW5GBDOqr7GokVdyHnYANseiLG0g+buYrq70G5SWtM82gvkI41xfocemj7mcFgddgunNhQDcTtBNX6RhiOXZ95tlZAA07f8VbGdpnZFgA0G6bVd0Oya3Kv3I5VMgJQfwQXzQzOI0/u3Vop5BZS/rctFP8Xn+xGwA2Si3zza6vHL+t/3/jB13/cCB9FBh3E8SVZfV2K5A/JKYT584LKalCtqvlXvj0BzGL0ApUSvJoBbwMuTCNkHky7ApBcRyvODnd6qGiycrHJX8TRWy2V0QsT+Iyio+qH/xaenooA8rYPMZWzfU97miP22ZIzXSrEiLPQUi/jQDwqA/vsABMumyw1oD0avUkJydGBl1JzA2X6ATP4CRt1dR0FwsVCRarS2MRocG03Yjnsjg2VQMAYa8t8epSNmFOrZTa/XdTCn9ji1+PMIRqInEDLnzRdAZPJFaWPJXxOq/nwWwZlRwTWhnyPuFDEp+ef3OMx5D9DPQSLAIKAj+dSB3IZ5Og7TgkLEXIT6uGQI4cB2AbJ8qkF4SbrIlxxo41kmlqtLkyeiNSx3KGwUTfU1keZnV3GE3rOItYniWL2wcteUqnTvMYFDVHQ430vXoX16SfW87J+nnluKsXd9zmiT2wR7jT8Xz0d0xvVMOW4DWamHfG+qz0kp9KkRJC9Yw+3iKCX7j+YF4j9EmD8bswAunbVnXc9NbPvNQlVDpDbQmSOKNcSlHnnLIOwrGVnt6Pn9CpPQSEyVmu+DP0jp7OWsObbPrKilvrHq53GbvZqpP2sBVsr6HJCUuCFNpIvgth2Y1AviLSffrenraVBephTOWOZTqk/GOiVkFPCONulLJy/0GrxyldOaYy2CwGtitvSkvBdeCVEvC7sD2WbxDQZ/F4h52V3VgJeS7AU1jNaDudaitQWg77s0hUslwzsd1CxpXIrqt3hpbPgnOhdh7U3jDZiCjRfCPnOHuHp4/a32bFClpfH1Ek5/rozGUqCu4ZK6atxzcYYDoVOF8lSfSrkR9c2AcgfzmKLq7O8jPbByEg3KH8Uvi0oWbho2QZQBTgvtQdDL5ywdp8Wba2vLFNViIDS5Qz5yXc4yrjZqjq4tg8EuC7SUsf+ttJlpwMPbJmkbSEFvgttNTyUwZPjTnrD7n+sVM7mYequfh2K9oay4WGgnfyiMtkgSVk+T3Le09aCKleqWuh/OPkrdNLUu9iCr4KxP2jSUoO6mXSWLFroLOk8hjbH2RZfM5UFjBnna2hAV08TkD3foIwHktHznc/vyQTj4jp+caL6hLZrghQSHa+B9sJ5eosOwHsEU+7yl384ymebr5+tN5uyD7YHku2cJ28ShnIYSEpce52mnRaw0Nu7b1Ij+bVMmW2xQ5dMozGvrxEOPNic+5qvRtGqJWhANsDsthsmRO7ExDZFou5OjXzXx+w/9C6u8jXxIoN6aSySVpGb5wRJjZHE5OPoIY+CUNJEnOSJ84HYRpjmh9X8u3nDDgXC1Hrcemnr7iC722TRYvvqhjOYPl/5nNo75jwIpY3gzwmbjln6qLXMhNVjVT2qvxyrwxx/9HdAmYqCT1Fue/NW0A8xehjUP5IcjIiv7oPlE6zE6cOg2Rt7NGSMnhf3N8QX6i5NJlXkSG49DTnnI7S/s2H7e4Xx+0xGnnb59Q79znYv7R4jSneMd3eqxUrPr2eG89+KvP7upI5zzKdOeuO8FHJw2LYVapofQsnz63jceFe9CwH4enexqxhGvp7I+95rFj+nxxRghh0+zuUCWRLFf8cki7MKaChAl+i2s/wnkKDO+zmMtV1nZfMXg7HpGExgocvhzN1+jJV6C5d9FeJGFQNqPH3gLYFDp6HhuvkUY6psZLuGy5W2fRQ/uO5gQ3yKBW34tD4CW2rGnMhL1EHQVIHepsjv9Ng/664YagY4gQrWk0Az5DeDB2VE+eWh1wY8UP86Yy7QEnJ2z2HDK41/ZCJNNiNuDKqdH0mBzMjpOwYrHkBzVuieyqBLcSqGsoZzMPAZ0NRZCw8LEibXK9gUt11QPblvEEBiUfIBZJlNmhN/EvCcXU5tSFm7u+/xgMVFl6xunlcfLjl0XzrmkmjBntFIllPPC0JMCVhtIcsXHzfxL2hzixJwcU2nHwr+lBVDEBrev8MqQUCYIXc9tiAJNQIjXJ2D2GBxxpunZTgvq9P7e6KVtg76nrdufSJp1nZvH7cAOaE0QQStjaHfEQmc3THBBbL4EeNAXgtUrgQhw9UumkClfVw5Zm2+CZfF01OniacP9tK/DxzoW7g4ZQqDhQhnjURelXdhCFHTqw/0V+iwk3c7F/xmJcOsOtF4WF+InTewBl5Xhu+h0JNcfsHxpPZW2dnIPX1kUIZXo2ks0RidhX9aOmN/xxpQxYM/lZHYJ2MI27iqHB5iObxZOx7x9bH2hghMdldTQeQQuLPtw4Yvebtx0UF5hUovffHxnXP84qyeGq7VAbQiEtSLrA4ASFqM68Xd1ZRRvGTHG1d8QlbtQsv5+JcchY5VPO8+bYoanxx6dfbAo1t/ZdRWro1cBCfARFzXIVYjsti+D6Im5VG4qxiXAkYR6YFCXqXiU6WVXJ4VEhRhSabPHPfxMvd6dqQ0If0LJdPXDlTuXHw0bcFk0xSLKxmy6SbwXt0YAhwu6l19GaiI9/lNZGZ54vz1aU0LoxUAd19GOtf0PVWF21IIHYjgAgN6FCVab8mvENRMcXlypURuDfyHA6p7lJKtG4P4tekae0i4DTynzi3BsY4dVH0ESHPN6VvSBwQPFj47L8wYYulq2OfPx85sDllx1nnwRsbuUI78rKPUqng4s0byChhSbDJuzUnD6yaZ5VxwvrvrKdU9JnDUINpw3xflWAWK4m2WzGiIF94wnhWk3Ik7OhlRIcJO5M8dlIVHxa7RTDt8d01BKu/k7VN6bVZ2KeX6KrO84wUTwSOgalpj7l3xJC3h+fqOjcuvJGUYGh9Oadidw1eofnbeC4z4374NV9p5fZHYW95flW4jPsj82z/u0jsR0IIvJjR9R2HQvSusd9N8CQH3TMg8qsXQz3PzK+lp80BpNRxaPZUhlEgEjHdVlerZfe+XYWs+ZbUH5Xzb9m9KpoUcibSH5poN+lJXocZfRnALfLRSon4tuKhTi1+k05GqK7QgZTggOPUV0gT4gJXOTnTjx0ydwan8Z6y+dKtr+9E52UpYwK+U9r4OnRY0jYK0EyoObF0I8IjQZTNv2GK4xKNkwLMQIM2+YBB3qWbb4lVlQ/4Yu3+SuVodrufnt9stCqP4wzvH/AbYhuV3U5t3djHVhWrms9chdG1MGS14GEAKYjDT8Kp61adZVc711/mfkOHxf1bJERuH7yfMY1PVSo8xBR1nv03KjS6araiQJFbyaLHReGp6D74EcRlMgEzSKu/lCzX2kTNENWBzJdA4ADJWsoU+Ktl8Jd0gXn860FzptomeC6BxFg0cUPaLXObphVNWvtY0cDl/iJGn8BfMROySDsHfHVB+KN9PIQUxuoDYEnGGnie8A/pk0dAahVD1h8dPWym4mF4ar3fDlBNGVKiw==</Value></TokenEntry></Values></UseKey><Claims><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[17]"><TokenEntry><Name>SessionKey</Name><Value>tLWFzCn35tseSJV+zMgUK6raR0qwpd8ibF3XqXSjwB711HJow4L8/Y4RdvYdoEdpqm4G7oawGiuAnM8tUUlQgWrKivZ+nCRd5PdI4k/MibhsLwyAZeUGOZxjJOJWzS7VOF6A0IQVYewHLu05JIyrAuPGTw+fnhocHevqQZQROAmTGna14HYBvIGkW6J5LgyOG7pnXy1Nc8QZ3wbJXFLoV1CURL7eFEhJ2bv668ObmnjiIN1vX7xX8diSGyGgYg2adZ++kQ8LDyvqRrmxlMf50mK8bbGTujor50SB/nCIZwSxd+LJybuhU0P1r7oQbUdcakt5sS34UWCKqWoaD7jE0w==</Value></TokenEntry><TokenEntry><Name>BindingType</Name><Value>mUtBAhQtZ/DAUIs2W5C4jIfj0HQVmZ2EeXZAixC+zmk=</Value></TokenEntry><TokenEntry><Name>Binding</Name><Value>BG9FRS+fzdoWcxq/oWAtLuy+MJUhhv5ti8SNL8XZiInefSI7uB7guxn9kYGmRdytWNedbaXqtRLFVKqCvAumcT2lDt35ueB2/ZazwortV6o=</Value></TokenEntry><TokenEntry><Name>ProductKey</Name><Value>kkYqAIUpilD4ETIZUnR0o2JnhkphikmW0dreOAz8Euc=</Value></TokenEntry><TokenEntry><Name>ProductKeyType</Name><Value>mUtBAhQtZ/DAUIs2W5C4jHb9PMQMpWegrf6UX2D5h0s=</Value></TokenEntry><TokenEntry><Name>ProductKeyActConfigId</Name><Value>6z9Mt1EPltZh0MjxKzehtTMEZp7ym1poWaIZhGljYzAslQw+6lMDYF9tMqhQESYn3GaBiOFoC8aMgkfWfhUrV3hfbLx2c1wRuoSOSCS/TZk=</Value></TokenEntry><TokenEntry><Name>SppSvcVersion</Name><Value>yZM8XMYBmO6mJpYO7Oa7XA==</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.licenseCategory</Name><Value>CmKngS1Q1vK0nKpn+6SoOIKgdVoIA+a7ruU2V+dC1Pw=</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.licenseCategory</Name><Value>CmKngS1Q1vK0nKpn+6SoOEIoMcka23AZg1G6RrG+T+U=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.sysprepAction</Name><Value>rNpHSmWHnq6ZAiaKeIbjaA==</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.sysprepAction</Name><Value>rNpHSmWHnq6ZAiaKeIbjaA==</Value></TokenEntry><TokenEntry><Name>ClientInformation</Name><Value>c3V9awtAR6tRm57kfhK0gxslB0AiVd/PrkGD2Mwk0G4g6QhxdyKkQuX9hNq6tRXoci7aYoKV6NLvFZSMd8vM0g==</Value></TokenEntry><TokenEntry><Name>ReferralInformation</Name><Value>18qyBwg2fScO6arKMu/Dsg0MogJwMm2135DufB131JTD30dBuE1fqWhd2KBeC0/ujur0F7r9LM5hOCYnN48GGQ==</Value></TokenEntry><TokenEntry><Name>ClientSystemTime</Name><Value>3ar2sE9Owy9g2IaQsV0oqB7VDziMLf0+Q970NrA2w8k=</Value></TokenEntry><TokenEntry><Name>ClientSystemTimeUtc</Name><Value>3ar2sE9Owy9g2IaQsV0oqB7VDziMLf0+Q970NrA2w8k=</Value></TokenEntry><TokenEntry><Name>otherInfoPublic.secureStoreId</Name><Value>jZ6Adzs4Bqk9mP8vSfiiy6y44TdWAXahmmHQWS/4PLUlgdLKQnS1Zdnw33Q99ZAq</Value></TokenEntry><TokenEntry><Name>otherInfoPrivate.secureStoreId</Name><Value>jZ6Adzs4Bqk9mP8vSfiiy6y44TdWAXahmmHQWS/4PLUlgdLKQnS1Zdnw33Q99ZAq</Value></TokenEntry></Values></Claims></RequestSecurityToken></soap:Body></soap:Envelope>)

00010002(0x80072EE7, 17:30:20:503 - <NULL>)

00010003(0x80072EE7, 17:30:20:503)
 
 

CodeIntegrity Errors:

===================================

  Date: 2014-07-14 14:15:58.672

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-07-14 14:15:58.625

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-07-14 14:15:58.547

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-07-14 14:15:58.500

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-07-14 14:15:58.438

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-07-14 14:15:58.391

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-07-14 14:15:58.313

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-07-14 14:15:58.266

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-07-14 14:15:58.203

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-07-14 14:15:58.141

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 27%

Total physical RAM: 3975.27 MB

Available physical RAM: 2869.51 MB

Total Pagefile: 5383.27 MB

Available Pagefile: 4134.95 MB

Total Virtual: 131072 MB

Available Virtual: 131071.78 MB
 

==================== Drives ================================
 

Drive c: (Windows8_OS) (Fixed) (Total:426.04 GB) (Free:403.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.37 GB) NTFS

Drive e: (WDO_MEDIA64) (Removable) (Total:14.83 GB) (Free:14.33 GB) FAT32
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 466 GB) (Disk ID: 4F946C20)
 

Partition: GPT Partition Type.
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 15 GB) (Disk ID: C3072E18)

Partition 1: (Active) - (Size=15 GB) - (Type=0C)
 

==================== End Of Log ============================

mfg
P_E